SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for gpg2-lang-2.0.22-15.1.noarch.rpm :
Thu Nov 19 13:00:00 2015 vcizekAATTsuse.com
- fix CVE-2015-1606 (bsc#918089)

* Invalid memory read using a garbled keyring

* 0001-gpg-Prevent-an-invalid-memory-read-using-a-garbled-k.patch
- fix CVE-2015-1607 (bsc#918090)

* memcpy with overlapping ranges

* 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch
- list keyring in spec

Tue Jun 24 14:00:00 2014 andreas.stiegerAATTgmx.de
- security fix to stop a possible DoS using garbled compressed data
packets which can be used to put gpg into an infinite loop.
[bnc#884130] [CVE-2014-4617]
adding gpg2-2.0.24-compressed-data-infinite-loop.patch

Fri Feb 14 13:00:00 2014 vcizekAATTsuse.com
- install scdaemon to /usr/bin (bnc#863645)

Sat Oct 5 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 2.0.22 [bnc#844175]

* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]

* Improved support for some card readers.

* Prepared building with the forthcoming Libgcrypt 1.6.

* Protect against rogue keyservers sending secret keys.
- remove gpg2-CVE-2013-4351.patch, committed upstream

Mon Sep 16 14:00:00 2013 vcizekAATTsuse.com
- fix CVE-2013-4351 (bnc#840510)

Mon Aug 19 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 2.0.21

* gpg-agent: By default the users are now asked via the Pinentry
whether they trust an X.509 root key. To prohibit interactive
marking of such keys, the new option --no-allow-mark-trusted may
be used.

* gpg-agent: The command KEYINFO has options to add info from
sshcontrol.

* The included ssh agent does now support ECDSA keys.
- now requires libgpg-error 1.11
- update gnupg-2.0.9-langinfo.patch for upstream whitespace changes
- drop gnupg-broken-curl-test.patch, no longer required

Mon Jun 17 14:00:00 2013 cooloAATTsuse.com
- revert usage of gpg-offline to avoid cycles

Mon Jun 17 14:00:00 2013 cooloAATTsuse.com
- add gnupg-2.0.20-automake113.diff to fix build with automake 1.13

Tue May 14 14:00:00 2013 vcizekAATTsuse.com
- set safe umask before creating a plaintext file (bnc#780943)
added gpg2-set_umask_before_open_outfile.patch
- select proper ciphers when running in FIPS mode (bnc#808958)
added gnupg-detect_FIPS_mode.patch

Fri May 10 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 2.0.20

* Decryption using smartcards keys > 3072 bit does now work.

* New meta option ignore-invalid-option to allow using the same
option file by other GnuPG versions.

* gpg: The hash algorithm is now printed for sig records in key listings.

* gpg: Skip invalid keyblock packets during import to avoid a DoS.

* gpg: Correctly handle ports from DNS SRV records.

* keyserver: Improve use of SRV records

* gpg-agent: Avoid tty corruption when killing pinentry.

* scdaemon: Improve detection of card insertion and removal.

* scdaemon: Rename option --disable-keypad to --disable-pinpad.

* scdaemon: Better support for CCID readers. Now, the internal CCID
driver supports readers without the auto configuration feature.

* scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and
it supports variable length PIN input, and you specify
- -enable-pinpad-varlen option.

* scdaemon: New option --enable-pinpad-varlen.

* scdaemon: Install into libexecdir to avoid accidental execution
from the command line.

* Assorted bug fixes.
- refresh gnupg-2.0.9-RSA_ES.patch
- verify gpg signature of source tarball

Wed Mar 27 13:00:00 2013 mmeisterAATTsuse.com
- Added url as source.
Please see http://en.opensuse.org/SourceUrls

Fri Jan 11 13:00:00 2013 lazy.kentAATTopensuse.org
- BuildRequires: libbz2-devel (support BZIP2 compression
algorithm) (bnc#798175).

Wed Apr 18 14:00:00 2012 vcizekAATTsuse.com
- Mention some of the changes in Greg\'s version update

Tue Mar 27 14:00:00 2012 gregkhAATTopensuse.org
- update to upstream 2.0.19

* GPG now accepts a space separated fingerprint as a user ID. This
allows to copy and paste the fingerprint from the key listing.

* GPG now uses the longest key ID available. Removed support for the
original HKP keyserver which is not anymore used by any site.

* Rebuild the trustdb after changing the option --min-cert-level.

* Ukrainian translation.

* Honor option --cert-digest-algo when creating a cert.

* Emit a DECRYPTION_INFO status line.

* Improved detection of JPEG files.

Tue Dec 6 13:00:00 2011 vcizekAATTsuse.com
- fixed licence to GPL-3.0+ (bnc#734878)

Wed Nov 30 13:00:00 2011 cooloAATTsuse.com
- add automake as buildrequire to avoid implicit dependency

Sat Oct 1 14:00:00 2011 crrodriguezAATTopensuse.org
- Test suite hangs in qemu-arm, workaround.

Wed Aug 31 14:00:00 2011 puzelAATTsuse.com
- link with -pie

Fri Aug 19 14:00:00 2011 crrodriguezAATTopensuse.org
- libcurl.m4 tests were broken, resulting in the usage
of a \"fake\" internal libcurl.

Sat Aug 6 14:00:00 2011 andreas.stiegerAATTgmx.de
- update to upstream 2.0.18

* Bug fix for newer versions of Libgcrypt.

* Support the SSH confirm flag and show SSH fingerprints in ssh
related pinentries.

* Improved dirmngr/gpgsm interaction for OCSP.

* Allow generation of card keys up to 4096 bit.
- refresh patch gnupg-2.0.10-tmpdir.diff -> gnupg-2.0.18-tmpdir.diff
- refresh patch gnupg-files-are-digests.patch -> gnupg-2.0.18-files-are-digests.patch

Tue Mar 15 13:00:00 2011 puzelAATTnovell.com
- update to gnupg-2.0.17

* Allow more hash algorithms with the OpenPGP v2 card.

* The gpg-agent now tests for a new gpg-agent.conf on a HUP.

* Fixed output of \"gpgconf --check-options\".

* Fixed a bug where Scdaemon sends a signal to Gpg-agent running
in non-daemon mode.

* Fixed TTY management for pinentries and session variable update
problem.
- drop gnupg-CVE-2010-2547.patch (in upstream)

Fri Jan 7 13:00:00 2011 sbrabecAATTsuse.cz
- Removed obsolete BuildRequires of opensc-devel.

Sun Oct 31 13:00:00 2010 jengelhAATTmedozas.de
- Use %_smp_mflags

Wed Jul 28 14:00:00 2010 puzelAATTnovell.com
- gnupg-CVE-2010-2547.patch (bnc#625947)
- renumber patches

Mon Jul 19 14:00:00 2010 puzelAATTnovell.com
- update to gnupg-2.0.16

* If the agent\'s --use-standard-socket option is active, all tools
try to start and daemonize the agent on the fly. In the past this
was only supported on W32; on non-W32 systems the new configure
option --use-standard-socket may now be used to use this feature by
default.

* The gpg-agent commands KILLAGENT and RELOADAGENT are now available
on all platforms.

* Minor bug fixes.
- drop gnupg-2.0.14-s2kcount.patch (builds fine without it now)

Mon Jun 7 14:00:00 2010 adrianAATTsuse.de
- add special provides to make sure that obs signd gets correct gpg version

Fri Apr 9 14:00:00 2010 chrisAATTcomputersalat.de
- fix deps
o libassuan-devel >= 2.0.0
o pth / libpth-devel >= 1.3.7
- added BuildReq libcurl-devel >= 7.10
- removed BuildReq openldap2
is already solved by openldap2-devel
- removed unrecognized configure options
- -enable-external-hkp, --enable-shared, --enable-static-rnd

Wed Apr 7 14:00:00 2010 puzelAATTnovell.com
- add gnupg-dont-fail-with-seahorse-agent.patch (bnc#589994)

Wed Mar 31 14:00:00 2010 puzelAATTnovell.com
- update to gnupg-2.0.15

* New command --passwd for GPG.

* Fixes a regression in 2.0.14 which prevented unprotection of new
or changed gpg-agent passphrases.

* Make use of libassuan 2.0 which is available as a DSO.

Mon Mar 22 13:00:00 2010 puzelAATTnovell.com
- fix files-are-digests patch (bnc#469229)

Wed Feb 17 13:00:00 2010 dimstarAATTopensuse.org
- Update to version 2.0.14:
+ The default for --include-cert is now to include all
certificates in the chain except for the root certificate.
+ Numerical values may now be used as an alternative to the
debug-level keywords.
+ The GPGSM --audit-log feature is now more complete.
+ GPG now supports DNS lookups for SRV, PKA and CERT on W32.
+ New GPGSM option --ignore-cert-extension.
+ New and changed passphrases are now created with an iteration
count requiring about 100ms of CPU work.
- Add gnupg-2.0.14-s2kcount.patch: use fixed s2k-count number
otherwise the gpg2 would want to consult gpg-agent which is not
yet installed in the mock chroot (Patch shamelessly stolen from
Fedora).

Thu Jan 28 13:00:00 2010 puzelAATTnovell.com
- fix build for older distributions

Wed Jan 27 13:00:00 2010 puzelAATTnovell.com
- port files-are-digests patch from gpg1 (bnc#469229)

Tue Dec 15 13:00:00 2009 jengelhAATTmedozas.de
- enable parallel building
- SPARC needs large PIE model

Sun Dec 6 13:00:00 2009 cooloAATTnovell.com
- change -lang require to recommended

Fri Nov 13 13:00:00 2009 puzelAATTnovell.com
- update to gnupg-2.0.13

* GPG now generates 2048 bit RSA keys by default. The default hash
algorithm preferences has changed to prefer SHA-256 over SHA-1.
2048 bit DSA keys are now generated to use a 256 bit hash algorithm

* The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now
passed to the Pinentry to make SCIM work.

* The GPGSM command --gen-key features a --batch mode and implements
all features of gpgsm-gencert.sh in standard mode.

* New option --re-import for GPGSM\'s IMPORT server command.

* Enhanced writing of existing keys to OpenPGP v2 cards.

* Add hack to the internal CCID driver to allow the use of some
Omnikey based card readers with 2048 bit keys.

* GPG now repeatly asks the user to insert the requested OpenPGP
card. This can be disabled with --limit-card-insert-tries=1.

* Minor bug fixes.
- drop gnupg-2.0.4-default-tty.diff

Thu Jun 18 14:00:00 2009 puzelAATTnovell.com
- update to gnupg-2.0.12

* GPGSM now always lists ephemeral certificates if specified by
fingerprint or keygrip.

* New command \"KEYINFO\" for GPG_AGENT. GPGSM now also returns
information about smartcards.

* Made sure not to leak file descriptors if running gpg-agent with a
command. Restore the signal mask to solve a problem in Mono.

* Changed order of the confirmation questions for root certificates
and store negative answers in trustlist.txt.

* Better synchronization of concurrent smartcard sessions.

* Support 2048 bit OpenPGP cards.

* Support Telesec Netkey 3 cards.

* The gpg-protect-tool now uses gpg-agent via libassuan.

* Changed code to avoid a possible Mac OS X system freeze.
- drop gpg2-fix-rtsignals.patch (fixed upstream)
- drop gnupg-1.9.22-ccid-driver-fix.diff (unused)

Thu Jun 11 14:00:00 2009 puzelAATTsuse.cz
- change BuildRequires: (pth-devel -> libpth-devel)

Mon Jun 1 14:00:00 2009 puzelAATTsuse.cz
- BuildRequires: pth-devel

Wed Mar 18 13:00:00 2009 puzelAATTsuse.cz
- add gpg2-fix-rtsignals.patch (bnc#481463)

Thu Mar 5 13:00:00 2009 puzelAATTsuse.cz
- update to 2.0.11

* Fixed a problem in SCDAEMON which caused unexpected card resets.

* SCDAEMON is now aware of the Geldkarte.

* The SCDAEMON option --allow-admin is now used by default.

* GPGCONF now restarts SCdaemon if necessary.

* The default cipher algorithm in GPGSM is now again 3DES. This is
due to interoperability problems with Outlook 2003 which still
can\'t cope with AES.
- dropped gnupg-2.0.10-fix-convert.patch (upstream)
- dropped gnupg-2.0.10-fix-missing-option.patch (upstream)
- disabled gnupg-1.9.22-ccid-driver-fix.diff (does not apply and it is
not clear what it is good for)

Mon Mar 2 13:00:00 2009 puzelAATTsuse.cz
- gnupg-2.0.10-fix-missing-option.patch (bnc#477362)


  
ICM